Security Advisories

Learn about the most recent information security related updates, threats, and news to the University of Regina Community by following the Information Security Advisories:

QR Code Phishing

Date: 10/16/2023
Threat Level: Medium
Type: Phishing
Description:
Email containing a malicious QR Code

Secure device to server email connections are required as of Nov. 21, 2017

Date: 08/03/2023
Threat Level: Medium
Type: Configuration
Description:
Secure connections are required for uregina.ca email as of Nov. 21, 2017. You may be required to reconfigure your email client(s).

The "Old Email Reply Chain" Trick

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Threat actors are replying to old email threads.

OneDrive File Download Phishing (email containing password to document)

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Threat of phishing emails with malicious OneDrive file download links (containing password to document)

FortClient VPN Upgrade Required on Remote Computers

Date: 07/13/2023
Threat Level: Medium
Type: Privilege Escalation
Description:
FortiClient is the VPN client used by the University of Regina to allow external users to connect to internal network resources. A new version of this software fixes security flaws that are in previous versions.

Homewood Health Employee Family Assistance Program - Notice of Data Breach

Date: 07/13/2023
Description:
External Service Provider Data Breach

URL Shortening Services

Date: 07/13/2023
Threat Level: Low
Type: Malware, Phishing
Description:
URL Shortening services are often used by malicious actors to hide malicious activity.

.html attachment phishing

Date: 07/13/2023
Threat Level: Low
Type: Phishing
Description:
Ongoing threat from emails with malicious .html attachments

Sophos Antivirus Support Has Ended for Windows 7

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
Sophos has ended support for its anti-virus product on Windows 7. Windows 7 system owners are required to take action.

Phishing Alert: Google Docs Phishing

Date: 07/13/2023
Threat Level: Low
Type: Phishing
Description:
Google Docs Phishing

Guard.me Health Insurance - Notice of Data Breach

Date: 07/13/2023
Threat Level: Low
Type: External Service Provider Breach
Description:
External Service provider, “Guard.me” has advised of a security incident that involved the personal information of some individuals affiliated with the University of Regina.

Unmanaged Dell Systems Require Update to Remediate Security Issue

Date: 07/13/2023
Threat Level: Medium
Type: Privilege escalation in end user devices
Description:
A flaw has been found in a Dell provided driver. Updates required to remain secure.

[SPAM] Emails Delivered to Inbox And How To Manage Them

Date: 07/13/2023
Threat Level: Low
Type: Spam Email Messages
Description:
Learn how to automate removal of emails marked as [SPAM]

Tutor Overpayment/Prepayment Scam

Date: 07/13/2023
Threat Level: Medium
Type: Payment Scam
Description:
Over-payment scams have been attempted on the tutors listed in the tutor registry.

D-Link and NetGear Home Router Vulnerabilities

Date: 07/13/2023
Threat Level: Medium
Type: Vulnerabilities in home networking routers
Description:
Users who have installed a home router (including home gateways and wireless routers) from D-Link or Netgear are urged to review the security of their device. These devices may require a hardware or software update in order to resolve a serious security flaws.

Notice of third-party service provider (Blackbaud) data breach

Date: 07/13/2023
Threat Level: Low
Type: External Service Provider
Description:
ResearchPoint, secondary Blackbaud software used by U of R, was only system affected and has since been decommissioned.

Impersonation / Fraudulent Domain - uoregina.ca

Date: 07/13/2023
Threat Level: Medium
Type: Phishing, Fraud
Description:
Threat actors will attempt to use false top level domains with a copy of our site content to trick users

COVID-19 Related Email Scams Advisory

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Scammers are using the COVID-19 event as bait for phishing campaigns.

Recommended Zoom Security Settings

Date: 07/13/2023
Threat Level: Low
Type: Zoom meeting interception or interruption
Description:
Uninvited Guests can join Zoom meetings for the purposes of disruption. Secure configuration of Zoom meetings is recommended.

Scam Alert: "Donation to Charity or Prize Winning"

Date: 07/13/2023
Threat Level: Medium
Type: Social Engineering
Description:
This is a social engineering tactics targeted at stealing personal information to carry out further attacks that could lead to loss of funds.

"Library Notice" Phishing Advisory

Date: 07/13/2023
Threat Level: Medium
Type: Credential Phishing
Description:
University of Regina Students have been targeted for library credentials through a targeted phishing campaign.

Windows 7 End of Life

Date: 07/13/2023
Threat Level: Medium
Type: Software update
Description:
Microsoft will no longer support Windows 7 operating systems, as of January 14, 2020.

Impersonation Phishing Alert

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Recently, many uregina.ca email addresses were targeted with phishing emails impersonating the President of the University of Regina “Vianne Timmons”. These emails contain attachment (word/pdf document) shared with users and these documents contains a link that leads to an external phishing site related to University of Regina.

VNC / Apple Remote Desktop will require VPN as of September 18, 2019

Date: 07/13/2023
Threat Level: Medium
Type: Remote Access Threat
Description:
The University of Regina, Information Services, will be undertaking changes related to Virtual Network Computing (VNC) and Apple Remote Desktop (ARD). This change will impact users who access on-campus computers from a location off campus via these services.

Breached Chegg Credentials

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
Chegg data breach impacting the University of Regina user accounts

MyFitnessPal Data Breach

Date: 07/13/2023
Threat Level: Medium
Type: External Account Breach
Description:
MyFitnessPal data breaching impacting the University of Regina user accounts

New Version of Sophos Antivirus Required by August 15, 2019

Date: 07/13/2023
Threat Level: Medium
Type: Antivirus Software Update Required for Unmanaged Systems
Description:
Unmanaged Systems Owners: Antivirus Software Replacement is required prior to August 15th, 2019

Forged Email Phishing

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
A message appearing to come from your own account claims to have access to your email

Password reuse phishing

Date: 07/13/2023
Threat Level: Medium
Type: Business Email Compromise
Description:
A fake site setup to look and act legitmate with data has sent you a request

Idle Time-out Notifications and Recommendations

Date: 07/13/2023
Threat Level: Low
Type: Physical Access
Description:
Users are requested to ensure their systems are locked when unattended. Idle-time lock notifications and recommendations provided.

"Dear uregina.ca account user."

Date: 07/13/2023
Threat Level: Medium
Type: Business Email Compromise
Description:
A phishing email message saying that you're over your mail quota may have targeted you recently

Multiple Phishing Campaigns: "New Gateway" or "Payroll Schedule is Available!"

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Multiple phishing campaigns have been detected. Uregina.ca email addresses are being targeted.

Phishing Attempt - Dear: Webmail subscriber

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Attempts to collect credentials with the lure that user email account is over quota.

Extortion phishing with credentials

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Email recieved which asserts to be from IT Service Desk, and requests you to reset email password.

Phish Alert - IT Help Desk

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Email recieved which asserts to be from IT Service Desk, and requests you to reset email password.

Targeted Phishing Attempts from ICT Service Desk

Date: 07/13/2023
Threat Level: Medium
Type: Information Disclosure
Description:
Please be aware that an phishing email message may have targeted you recently

Ticketfly Data Breach

Date: 07/13/2023
Threat Level: Medium
Type: External Account Breach
Description:
Ticketfly, a ticket processing service, has had the information of millions of users posted online

Phish Alert - Payroll Notification

Date: 07/13/2023
Threat Level: Medium
Type: Social Engineering
Description:
A spam campaign coming from a spoofed payroll@uregina.ca may have hit your inbox..

Telephone Tech Support Scams

Date: 07/13/2023
Threat Level: Medium
Type: Social Engineering
Description:
Recently there have been reports that students and staff are recieving phone calls from "Support Technicians"

Notice to Current and Potential Suppliers and Vendors

Date: 07/13/2023
Threat Level: High
Type: External Fraudulent Purchase Order Activity
Description:
Supply Management Services at The University of Regina wishes to advise potential vendors and suppliers that an active email ordering scam has been identified.

Multiple External Breached Credentials

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
A collection of nearly 3000 database breaches has surfaced on the internet, containing over 200 million usernames and passwords.

External Breached Credentials: 8Tracks

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
Music platform 8tracks was breached. If you has a 8tracks account, it is recommended you reset your password.

Security Advisory: "You have voicemail!" malware

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
Email Messages containing links to malware use "You have a voicemail" to socially engineer users into clicking.

Phish Alert - 'E-mail Notification'

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Email received which spoofs a uregina.ca email address, and requests a password change.

MacOS Authentication Bypass on High Sierra 10.13

Date: 07/13/2023
Threat Level: High
Type: Authentication Bypass - Remote Access
Description:
An unauthorized user may gain access to a Mac computer if it is not fully patched.

WPA2 Wireless Vulnerability

Date: 07/13/2023
Threat Level: Medium
Type: Wireless Vulnerablity
Description:
A severe vulnerability has been discovered in the Wi-Fi Protected Access II (WPA2) standard utilized in secure wireless networks. Please update your unmanaged devices.

Malware Alert - New Payment Email Message / New Address / New Contact Details

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
An email was received regarding a payment from your account. A link is in the email which downloads malware.

Tragic-Event-Related Scams Advisory

Date: 07/13/2023
Threat Level: Medium
Type: Phishing / Malware
Description:
Tragic events such as natural disasters often create a flood of donation requests. Some of these may be fraudulent.

Security Advisory: Petya Ransomware

Date: 07/13/2023
Threat Level: High
Type: Ransomware
Description:
Petya ransomware is the latest round of malware to exploit organizations around the world.

Phish Alert - IT SERVICE DESK

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Email recieved which asserts to be from IT Service Desk, and requests you to reset email password.

External Breached Credentials: Edmodo.com

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
Education platform provider Edmodo was breached. If you has a Edmodo account, it is recommended you reset your password.

Phish Alert - Online Banking Account, Package Delivery, Email Quota Increase, Fax Notification, Parking Ticket

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Phishing attempts are on the rise. A variety of of messages have been seen recently which are designed grab your attention.

Windows WannaCry Ransomware Security Advisory

Date: 07/13/2023
Threat Level: High
Type: Ransomware
Description:
Large scale ransomware campaign notification.

Malware Alert - "RBC Secure Doc" Email Message

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
A message appearing to be from RBC includes an attachment which contains malware. Do not open this attachment.

Managed workstations will have enforced idle time-out as of May 17, 2017

Date: 07/13/2023
Threat Level: Low
Type: Physical Access Threat
Description:
After 60 minutes of idle time, managed workstations will lock and require re-authentication.

Punycode / Homograph Domain Spoofing

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
Characters from other alphabets can be used to spoof websites, tricking users to enter their account credentials into an untrusted website.

Email Malware Alert - Package Delivery

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
Malware Risk

Malware and Phish Alert - eFax

Date: 07/13/2023
Threat Level: High
Type: Phishing / Malware
Description:
A message attempting to infect recipients with malware has been received with the subject similar to "efax message from 1-613-941-2505 - 1 page(s)".

Phish Alert - 'Unrecognized sign in''

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
An email attempting to notify you of an access to your account. The notification is false and does not originate from any legitimate source.

Malware and Phish Alert - Canada Revenue Agency

Date: 07/13/2023
Threat Level: High
Type: Phishing / Malware
Description:
A fraudulent request to visit a website to receive your tax refund may attempt to expose you to malware and request your passwords.

Phish Alert - 'You have a new message"

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
There is currently an email message circulating that has been received by many users with the subject "You have a new message". The message seeks to redirect users to enter their password in a fraudulent portal.

Phish Alert - 'Update Username'

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
There is currently an email message circulating that has been received by many users with the subject "Update Username" or "Update Emailaddress@uregina.ca". The message seeks to redirect users to enter their password in a fraudulent portal.

Phish Alert - 'University of Regina'

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
There is currently an email message circulating that has been received by many users with the subject University of Regina" and requests to login to a fraudulent portal for credential theft.

Targeted Phishing Attempts at Fraud - Wire Transfers, Gift Cards

Date: 07/13/2023
Threat Level: Medium
Type: Business Email Compromise
Description:
Warning of targeted phishing attempts which request transfers of funds.

Phish Alert - 'Your account is about to expire"

Date: 07/13/2023
Threat Level: Medium
Type: Phishing Alert
Description:
There is currently an email message circulating with the subject of "Your account is about to expire" and it appears to be from "The Bank of Montreal (BMO)."

Sophos Antivirus ending support for Windows XP

Date: 07/13/2023
Threat Level: Medium
Type: Malware Risk
Description:
On Dec. 31, 2016, Windows XP users will cease to receive updates for Sophos Endpoint Security and Control (Antivirus) . Action is required for Windows XP users.

Phish Alert - 'Campus Security Alert! for Username@uregina.ca'

Date: 07/13/2023
Threat Level: Medium
Type: Phishing Alert
Description:
There is currently an email message circulating that has been received by many users with the subject "Campus Safety Alert!" and it appears to be from "0999@uregina.ca" or "099000@support.com"

Configure Click to Play Flash in Web Browsers

Date: 07/13/2023
Threat Level: Medium
Type: Flash Exploit
Description:
Configure 'Click to Play' Flash to disable automatic loading of Flash content in webpages.

Breached Dropbox Credentials

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
Dropbox account credentials using uregina.ca email addresses have appeared posted online.

LinkedIn Passwords

Date: 07/13/2023
Threat Level: Low
Type: External Account Breach
Description:
Linkedin.com accounts using uregina.ca email addresses have appeared in public forums.

Phish Alert - 'Uregina Webmail Activities'

Date: 07/13/2023
Threat Level: Medium
Type: Phishing
Description:
There is currently an email message circulating that has been received by many users with the subject "Uregina Webmail Activities" and it appears to be from "Uregina Help Desk."

Telephone Scam - Fake IT Support Calls

Date: 07/13/2023
Threat Level: Low
Type: Social Engineering
Description:
This is the short The University of Regina has recently seen an increase in phone scams where the caller pretends to be from IT and says you have a virus on your computer.

Remote Desktop will require VPN as of July 5, 2016.

Date: 07/13/2023
Threat Level: Medium
Type: Remote Access Threat
Description:
The University of Regina, Information Services, will be undertaking changes related to Remote Desktop Protocol (RDP). This change will impact users who access on-campus computers from a location off campus via remote desktop protocol (RDP).